public async Task <HttpResponseMessage> BuyItem(BuyItemReq req)
{
BuyItemRes res = new BuyItemRes();
try
{
if (req == null)
{
res.ResponseCode = ((int)InternalResponseCode.InvalidRequestBody).ToString();
res.ResponseMessage = "Request body cannot be null";
return(Request.CreateResponse(HttpStatusCode.BadRequest, res));
}
CommonLib commonLib = new CommonLib();
var identity = (ClaimsIdentity)User.Identity;
//get merchantname from identity
var merchantname = identity.Name;
//get merchant profile from name
var profile = commonLib.GetUserProfileByMerchantName(merchantname);
if (profile == null)
{
//invalid profile
res.ResponseCode = ((int)InternalResponseCode.InvalidCredential).ToString();
res.ResponseMessage = "Invalid Credential";
return(Request.CreateResponse(HttpStatusCode.Forbidden, res));
}
//generate hash and compare with what was included in the requestbody
var mygeneratedhash = commonLib.GenerateSHA256Hash(profile.SecretKey, req.timestamp, profile.ApiKey, req.ReceiptRef);
//compare with hash sent by client
if (mygeneratedhash != req.HashValue || string.IsNullOrEmpty(req.HashValue))
{
//unrecognised user
res.ResponseCode = ((int)InternalResponseCode.InvalidHash).ToString();
res.ResponseMessage = "Invalid Hash";
return(Request.CreateResponse(HttpStatusCode.Forbidden, res));
}
res = await commonLib.BuyItem(req);
return(Request.CreateResponse(HttpStatusCode.OK, res));
}
catch (Exception ex)
{
logger.Error(ex);
res.ResponseCode = ((int)InternalResponseCode.Exception).ToString();
res.ResponseMessage = "Exception Occurred";
return(Request.CreateResponse(HttpStatusCode.ExpectationFailed, res));
}
}
